This is a bit sinister: the China Internet Network Information Center (CNNIC) has been dropping digital certificates into the computers of everyone in China, which could potentially allow them to snoop on your normally secure ‘https’ web-surfing, such as your online banking and email.
CNNIC’s digital certificate, which is probably in your computer right now, has not been proved to be maliciously spying, but it’s a matter of trust. Do you really trust CNNIC, the overlords of the ‘Great Firewall’, to not be potentially peeking into your email, Facebook, Paypal account or online bank? Nope, thought not.
These digital certificates are not viruses or malware; they’re genuine tools that sites use to encrypt and verify information, and are issued by third-party Certificate Authorities (CA). For this CNNIC certificate to be on your computer, it has taken numerous levels of consent: by the web browser makers (Mozilla’s Firefox, Apple’s Safari, Google’s Chrome, Microsoft’s Internet Explorer, and more obscure ones, such as Opera) and by the CA ‘Entrust’, who will have evaluated, accepted and issued CNNIC’s digital certificate.
So, what’s the drama, you ask… Well, in devious hands, these important data snippets can be configured to pry, spy and snoop on your web traffic and private data. A benign digital certificate could turn malicious if remotely reconfigured, so as to tap into a certain users encrypted web data. In one other scenario, CNNIC could possibly use this tool in conjunction with the Great Firewall to tunnel into your encrypted web sessions. And, remember, CNNIC has a history of putting malware on people’s machines, hence all the alarm bells ringing over this tiny, new development.